Title

The Voice Video Endpoint processing classified calls must display the classification level and Security Access Level (SAL) for the call or conference in progress. (Cat II impact)

Discussion

Without the association of security attributes to information, there is no basis for the network element to make security related access-control and flow-control decisions. Security attributes includes marking data as classified or FOUO. These security attributes may be assigned manually or during data processing but either way, it is imperative these assignments are maintained while the data is in process. If the security attributes are lost when the data is being processed, there is the risk of a data compromise. Voice video endpoints processing classified calls must display the appropriate security classification and SAL to ensure users protect information accordingly. Further, endpoints must be compatible with STU-III and STE displays. Voice video endpoints must indicate: - SCI when the connected terminals are authorized to process SCI information - Foreign national presence when non-U.S. personnel are authorized uncontrolled access - Terminal identifier associated with distant STU-IIIs or STEs and RED switch subscriber terminals - Non-secure calls and conferences established through an unclassified switch or key system. Note: Each DRSN RED telephone (except for the IST) must have, at a minimum, a two-line alphanumeric display with a minimum of 16-characters per line. The Integrated Services Telephone (IST) has a one-line, 40-character display instead of the two-line by 16-character display. These displays will show the following: - The first line will display the self-authenticating security level of the call or conference in progress. - The second line will display the identity data of the distant terminal or identify the network and/or equipment type associated with the distant party and when a conference call is in progress. (Formerly DRSN 2384/2385)

Check Content

If the Voice Video Endpoint does not process classified calls, this is Not Applicable. Verify the Voice Video Endpoint processing classified calls displays the classification level and SAL for the call or conference in progress. If the Voice Video Endpoint processing classified calls does not display the classification level and SAL for the call or conference in progress, this is a finding.

Fix Text

Configure the Voice Video Endpoint to display the classification level and SAL for the call or conference in progress.

Additional Identifiers

Rule ID: SV-206771r604140_rule

Vulnerability ID: V-206771

Group Title: SRG-NET-000311

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.